<?php 
    include('../header.php');

    if($_POST['action'] == 'loginOut'){//登出
        session_id($_POST['sessionId']);
        session_start();
        if(isset($_SESSION['userInfo'])){
            unset($_SESSION['userInfo']);
        }
        $res['status'] = 1;
    }else{//登录
        $account=$_POST['account'];//post获取表单里的account
        $password=$_POST['password'];
    
        if( !($account && $password) ){
            $res['msg']['en'] = 'Error: Incomplete information';
            $res['msg']['cn'] = 'Error: 信息填写不完整';
            echo json_encode($res);
            die();
        }
        
        include('../connect.php');//链接数据库
    
        $q="select * from user where account='$account' and password='$password'";//检测数据库user表中是否有对应的username和password的
        $result=mysql_query($q,$con);//执行sql
        $rows=mysql_num_rows($result);//返回一个数值  0 false 1 true
        $resultDate = mysql_fetch_assoc($result);;
        foreach($resultDate as $key=>$val){
            $tempStr .= $key.'='.$val.'&';
        }
        if($rows){
               $lifeTime = 24 * 3600; 
               session_set_cookie_params(time() + $lifeTime);
               
               if($_POST['sessionId']){
                session_id($_POST['sessionId']);
               }
               session_start();// PHP开启Session
               $res['status'] = 1;
               $res['data']['result'] = $tempStr;
               $res['data']['sessionId'] = session_id();//这个就是服务器端生成的SessionID，非常重要，用于身份验证的判定
               $_SESSION['userInfo'] =  $tempStr;
        }else{
            $res['msg']['en'] = 'Error: Incorrect username or password'.  mysql_error();
            $res['msg']['cn'] = 'Error: 用户名或密码错误'.  mysql_error();
            echo json_encode($res);
            die();
            
        }
        mysql_close($con);//关闭数据库
    }
    echo json_encode($res);
?>